18c2ecf20Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0 28c2ecf20Sopenharmony_ci 38c2ecf20Sopenharmony_ci/* 48c2ecf20Sopenharmony_ci * Copyright (C) 2020 Google LLC. 58c2ecf20Sopenharmony_ci */ 68c2ecf20Sopenharmony_ci#include <linux/lsm_hooks.h> 78c2ecf20Sopenharmony_ci#include <linux/bpf_lsm.h> 88c2ecf20Sopenharmony_ci 98c2ecf20Sopenharmony_cistatic struct security_hook_list bpf_lsm_hooks[] __lsm_ro_after_init = { 108c2ecf20Sopenharmony_ci #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ 118c2ecf20Sopenharmony_ci LSM_HOOK_INIT(NAME, bpf_lsm_##NAME), 128c2ecf20Sopenharmony_ci #include <linux/lsm_hook_defs.h> 138c2ecf20Sopenharmony_ci #undef LSM_HOOK 148c2ecf20Sopenharmony_ci LSM_HOOK_INIT(inode_free_security, bpf_inode_storage_free), 158c2ecf20Sopenharmony_ci}; 168c2ecf20Sopenharmony_ci 178c2ecf20Sopenharmony_cistatic int __init bpf_lsm_init(void) 188c2ecf20Sopenharmony_ci{ 198c2ecf20Sopenharmony_ci security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), "bpf"); 208c2ecf20Sopenharmony_ci pr_info("LSM support for eBPF active\n"); 218c2ecf20Sopenharmony_ci return 0; 228c2ecf20Sopenharmony_ci} 238c2ecf20Sopenharmony_ci 248c2ecf20Sopenharmony_cistruct lsm_blob_sizes bpf_lsm_blob_sizes __lsm_ro_after_init = { 258c2ecf20Sopenharmony_ci .lbs_inode = sizeof(struct bpf_storage_blob), 268c2ecf20Sopenharmony_ci}; 278c2ecf20Sopenharmony_ci 288c2ecf20Sopenharmony_ciDEFINE_LSM(bpf) = { 298c2ecf20Sopenharmony_ci .name = "bpf", 308c2ecf20Sopenharmony_ci .init = bpf_lsm_init, 318c2ecf20Sopenharmony_ci .blobs = &bpf_lsm_blob_sizes 328c2ecf20Sopenharmony_ci}; 33